Network Access Control

Hi everyone I have a doubt. We are implementing CWA for wifi guest access using CISCO ISE 2.3 and WLC 5500. If SSID is open authenticación   What happens with the security of client in this scenario? The traffic is not encrypted and therefore you can...

HiCould someone please confirm when will ISE 2.3 start supporting Microsoft SQL 2016 as an external identity source?Thanks and RegardsV Vinodh.

Hello ,    I want to know the effect on applying the above command globally ,  because I read that it makes any port that have portfast that receives bpdu goes through normal STP stages  ( listening , learning , forwarding ) which means that it basic...

Hi,I am working on a case where my customer is trying to use CWA flow for non-complaint VPN users.it works well for normal dot1x wired or wireless users when posture starts and users get the non-complaint status and then ISE send CoA and got the CWA ...

Hi,   So, we are a small shop (50 users, low levels of activity) and have 2 x DCs in Azure and 2 x on-prem - all Windows. I want to add RADIUS local authentication to our networking kit, most of which is Cisco. Just adding an NPAS role to a DC in Azu...

Has anyone achieved EAP-GTC on a google chromebook ?Natively it does not support it but I am trying to find a third party supplicant which could support it.

Hey, folks.I have problems upgrading ISE from v2.2 (latest patch 7) to any of the new versions like 2.3 or even 2.4 ....Until now I have tried the following things:1. Ran urt bundles (both 2.3 and 2.4) on the secondary admin node to test-> app instal...

I am attempting to create an ISE V2.1 authorization policy based on the switchport access VLAN assignment.  I have read in some documents that the Radius AV pairs that might apply are: cisco-avpair="tunnel-type(#64)=VLAN(13)" cisco-avpair="tunnel-me...

My 4 node ISE deployment is working fine as a CA for cert based authz with anyconnect + ASA. I cannot get SCEP working however.. whenever I try to configure one of my PSNs in my 'enroll' connection profile, i get an error complaining that there is a ...

I have installed Cisco ISE 3515 as a AAA dot1x server and I configured MAB and Dot1x to authentication for endpoint. I integrated ISE with my AD. I got an error which our endpoint cannot MAB authenticate with my Cisco ISE. My endpoint is Window 10 an...

Is there any way to send interface description or any other value which can uniquely identify an interface from radius requests ?eg.interface f0/0description API want to send "AP" in any of the radius attributes or Cisco VSAs to ISE.In other words I ...

Hi, Does anyone know if it is possible to send an interface description to ISE as part of the RADIUS access request? The interface ID is included in various elements e.g. 'nas-port-id' and 'cisco-nas-port', but not the description. Intent would be...